Select Page

Network Links between OpenStack and Kubernetes Projects

by | May 11, 2022 | Web Services

We are happy to introduce cross-project network links between OpenStack and Kubernetes!
This feature provides an easy and free solution for our customers to share one or multiple networks between their OpenStack and Kubernetes projects.
We employ the native OpenStack RBAC feature to make this possible.
As a result, our customers can now establish local connections between their OpenStack servers and Kubernetes clusters.

 

How you can use it

You will need to have at least one OpenStack project and one Kubernetes project with at least one cluster. Alternatively, two OpenStack projects or two Kubernetes projects with different subnets will also work.

Once you are logged in to your NWS account, just navigate to either one of your OpenStack projects or one of your Kubernetes projects.
Next, click on “Networks” – this is a new section we added to the menu of the projects.
A list with all of the networks of the project will show up. Next to each of the networks you will find an action called “Manage network links“.
If you click on “Manage network links”, a popup window will show up containing a list of all the other networks that you have in your other Kubernetes and OpenStack projects.

 

The networks are grouped by the projects they belong to. For each network you now have an option to create a link, as seen in the screenshot. If you have chosen a network, which you would like to link to the current network, you just have to click on the “Create Link” button next to it.

 

Doing so will trigger a job which will be processed in the background. As one of the first steps, the job will check, if the selected networks are compatible with each other. Two networks are compatible, if they contain subnets with different subnet addresses. Furthermore, there must be a router in each of the projects, which has an interface on each of the networks.

 

Only, if both of those requirements are met, it will be possible to route between the networks and the job will start. Once it’s finished, you’ll get notified.

 

In case the requirements are not met you will get a notification telling you that the subnets are incompatible.

 

By default, our OpenStack and Kubernetes networks are compatible with each other. If you want to link Kubernetes with Kubernetes, then the only way to ensure compatibility is to supply a custom subnet address on creation to one of the clusters. For OpenStack to OpenStack you do not have the option (yet) to supply a custom subnet address to your default network on creation of the project. However, you can create your own custom networks with any subnet addresses and ensure compatibility that way.

 

Why should you use it?

Some might ask, why should one want to use this feature? Here is an example:
Let’s say, you have your application running on your Kubernetes cluster and you need to connect it to a database, which is running on a server in your OpenStack project. In that case you want to have a secure connection – a VPN comes to mind. Another approach would be a Database with a floating IP and security group rules.
But both of those options come with some tradeoffs: in case of the VPN, you have another point of failure and additional network overhead. And with a floating IP on your database you might not sleep so well, because of security concerns.
This new feature comes in handy, as the connections are not leaving our internal network infrastructure and traffic can flow locally between the projects and networks without additional overhead!

We already had some customers who were using this feature before the launch of the integration into NWS. In those cases one of our MyEngineers would configure the cross-connection manually for the customer.
But now it comes at no additional costs, because it does not require any action of one of our MyEngineers. Feel free to try it. Should you have any questions, don’t hesitate to send us a message or use our LiveChat on our website, which can be found in the bottom right corner.

 

Gabriel Hartmann
Gabriel Hartmann
Senior Systems Engineer

Gabriel hat 2016 als Auszubildender Fachinformatiker für Systemintegrator bei NETWAYS angefangen und 2019 die Ausbildung abgeschlossen. Als Mitglied des Web Services Teams kümmert er sich seither um viele technische Themen, die mit den NETWAYS Web Services und der Weiterentwicklung der Plattform zu tun haben. Aber auch im Support engagiert er sich, um den Kunden von NWS bei Fragen und Problemen zur Seite zu stehen.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

More posts on the topic Web Services

CfgMgmtCamp 2024: Unser Rückblick

Vergangene Woche fuhr ein Teil unseres Teams bei NWS bis nach Ghent in Belgien, um am ConfigManagementCamp 2024 teilzunehmen. Hierbei handelt es sich um eine kostenlose Konferenz, direkt im Anschluss an die FOSDEM, was Jahr für Jahr für ein großes Publikum aus Fans...

Effektive Zugriffskontrolle für GitLab Pages

Grundlagen von GitLab Pages GitLab Pages sind eine facettenreiche Funktion, die es ermöglicht, statische Webseiten direkt aus einem GitLab-Repository heraus zu hosten. Diese Funktionalität eröffnet eine breite Palette von Anwendungsmöglichkeiten, von der Erstellung...

Why We’re Excited About DevOps Camp 2023!

This year, our NETWAYS Web Services Team is highly motivated to participate in DevOps Camp in Nuremberg! After a short break since stackconf in Berlin, we are back at a conference. We are delighted to be able to support DevOps Camp once again. In this article, we...